ClawHub

中国交通规则

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only driving-rules reference skill, but it includes inaccurate legal exam content and over-specific medical and first-aid guidance that users could rely on in safety-critical situations.

Install only if you are comfortable treating it as an informal study aid, not as authoritative legal, medical, emergency, insurance, or driving-safety advice. Users should verify exam answers and legal rules with official traffic-management sources, and should rely on emergency services and licensed clinicians for injuries, health conditions, medications, or fitness-to-drive decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The finding is a true issue: the document presents internally contradictory driving-license guidance around whether a C1 license covers C2 vehicles, and the answer marking is inconsistent with the explanation. In a driving-rules exam-prep skill, incorrect or self-contradictory legal/compliance content can mislead learners, cause exam failure, and potentially influence unsafe or unlawful driving assumptions.

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The document goes beyond summarizing traffic-law eligibility rules and provides quasi-clinical risk stratification, monitoring thresholds, and condition-specific fitness-to-drive judgments. In a driving-rules skill, users may treat this as authoritative medical screening guidance, which can lead to unsafe self-assessment or delayed professional evaluation.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
This section contains direct medical-style advice such as blood-pressure monitoring routines, medication timing, contraindication thresholds, and drug substitution suggestions like changing to non-prescription sleep aids. That is especially dangerous in a non-medical driving-regulations skill because users may act on unsafe treatment guidance without clinician oversight, creating health and public-safety risks while driving.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The document provides first-aid instructions such as bleeding control, fracture immobilization, and guidance not to move seriously injured persons, but it does not clearly state that these steps are only basic interim measures and cannot replace professional emergency care. In an accident-handling skill, users may rely on the text during high-stress situations; incomplete or overgeneralized medical guidance can lead to delayed emergency response or unsafe intervention.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal